Cigital: Malicious Code Detection - BRIC Breaking Through Static Analysis
Wednesday, April 17, 2013 from 8:00 AM to 10:30 AM (CDT)
Do you have software developed offshore? Have you ever wondered what malware might be imbedded in your outsourced software? Have you ever considered how you might go about detecting malicious code in your applications?
Cigital is hosting a free breakfast discussion on malicious code detection we call BRIC Breaking Through Static Analysis. John Steven, Cigital's Internal CTO, will lead the presentation and demonstration on how to go beyond typical secure code review to find malware (abstract below).
Wednesday, April 17
8:00am: Hot breakfast
TechNexus, 200 S. Wacker Drive, 15th Floor, Chicago, IL
FREE - When you show up! The $20 registration fee will be refunded in cash as soon as you arrive. Registration is limited, so sign up early.
Malicious Code Detection - BRIC Breaking Through Static Analysis: As organizations outsource development to less trustworthy providers malware becomes as much a problem as introduction of honest vulnerability by one's own development shop. Assessment practices currently look for vulnerability within source code and running systems, however these are but a few of the windows of opportunity for malware introduction.
This presentation demonstrates an approach for augmenting an existing security practice with the capability to detect potentially malicious code through secure code review. First, we show how to break malicious intent--often quite subtle--into concrete patterns we can reliably detect. The framework then demonstrates how to build suspicion around reliance of particular patterns' use in concert which, increasingly, imply malicious intent. These techniques will be explained through a demonstration in a real world application.
All guests are required to check in with building security. Please be sure to have a photo ID on hand.
Metra and Amtrak trains arrive at Union Station, one block west of TechNexus on Adams. Metra trains also arrive at Ogilvie Transportation Center, at Madison and Canal, 2 blocks north and 2 blocks west of TechNexus. You can access CTA Brown, Orange, and Purple lines at the Quincy and Wells stop, located 3 blocks east down Jackson street. The blue line is located 6 blocks east on Jackson at Dearborn, and the red line can be accessed 1 block further east at Jackson and State. There is a cab stand outside of the Willis Tour on Jackson street.
The closest lot is on the corner of Wells/Franklin. Discounted rates are available through http://spothero.com/illinois-technology-association-parking
Cigital Inc., founded in 1992, is the world's largest consulting firm specializing in software security and is the global leader in helping organizations to design, build, and maintain secure software. Our unique expertise, technologies, and training services are a culmination of over twenty years of research activities and thousands of successful software security consulting engagements at leading public and private organizations throughout the world. Cigital is headquartered outside Washington, D.C. with regional offices in the U.S., Europe, and India. For more information visit: http://www.cigital.com
When & Where
Cigital, founded in 1992, is the world's largest consulting firm specializing in software security. We work with you to tackle the hardest problems and scale the solutions. Cigital is headquartered outside Washington, D.C. with regional offices in the North America and Europe. For more information visit: http://www.cigital.com